Ricky

链接

RSS

RSS Link

node-sass安装的坑

2018年4月19日 09:29 | Comments(0) | Category:Other | Tags:

node-sass安装各种坑

1. 

set SASS_BINARY_SITE=https://npm.taobao.org/mirrors/node-sass/
npm install node-sass

2. 修改.npmrc

sass_binary_site=https://npm.taobao.org/mirrors/node-sass/
phantomjs_cdnurl=https://npm.taobao.org/mirrors/phantomjs/
electron_mirror=https://npm.taobao.org/mirrors/electron/
registry=https://registry.npm.taobao.org

3. npm install -g cnpm; cnpm install

 

 

Windows10运行Ubuntu Linux Subsystem并开启后台ssh服务

2017年11月14日 15:11 | Comments(0) | Category:Other | Tags:

相比运行一个虚拟机来运行命令,显然WSL要轻便的多,打算主要用来更新各种需要在线更新以来包和镜像的工具,比如docker, npm, yum等

1. 当然是开启开发者模式

2. 控制面板程序和功能中安装WSL

3. 运行bash安装即可,现在安装速度比以往快了很多,应该有CDN加速了

4. lxrun.exe /setdefaultuser root 设置bash默认用户为root

5. 使用阿里源 http://blog.csdn.net/Hehailiang_Dream/article/details/54094634

6. sudo vim /etc/ssh/sshd_config 添加两行

    KexAlgorithms diffie-hellman-group1-sha1,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1

Ciphers 3des-cbc,blowfish-cbc,aes128-cbc,aes128-ctr,aes256-ctr
 
7. chmod +s /usr/sbin/sshd
 
8. sudo vim /etc/sudoers添加一行 %sudo ALL=(ALL) NOPASSWD: /usr/sbin/sshd -D
 
9. https://github.com/131/dispatcher 下载编译,并按说明添加一个bash配置文件
 
这样运行dispatcher就可以自动在后台启动ssh服务,用其他终端登陆即可。
 
备份和恢复WSL
Install WSL on your new machine (do not create a user account, just control-C out of that prompt).
Delete the %localappdata%\lxss directory on your new machine.
Copy your saved lxss directory to %localappdata%\lxss
run lxrun.exe /setdefaultuser oldusername
Launch bash.
 

CentOS配置Docker用direct-lvm

2017年11月09日 14:28 | Comments(0) | Category:Other | Tags:

http://www.troylc.cc/docker/2017/01/15/Docker06devicemapper.html

Docker启动脚本有问题,在/etc/docker/daemon.json加入启动参数

{

  "storage-driver": "devicemapper",
   "storage-opts": [
     "dm.thinpooldev=/dev/mapper/docker-thinpool",
     "dm.use_deferred_removal=true",
     "dm.use_deferred_deletion=true"
   ]
}
 

CentOS使用国内源并安装Docker

2017年11月07日 11:07 | Comments(0) | Category:Other | Tags:

使用阿里源

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

yum makecache

 

安装Docker CE

# step 1: 安装必要的一些系统工具
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
# Step 2: 添加软件源信息
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# Step 3: 更新并安装 Docker-CE
sudo yum makecache fast
sudo yum -y install docker-ce
# Step 4: 开启Docker服务
sudo service docker start
 
使用国内Docker镜像
 
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://your_docker_image_server"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

 

root用户登录DSM

2017年10月09日 14:03 | Comments(0) | Category:Other | Tags:

给admin用户设置密码后用ssh登录
sudo -i
synouser --setpw root newpass
即可设置root账户密码

Visual Studio Code配置BC或者Merge代码比较合并

2017年9月18日 16:11 | Comments(0) | Category:Other | Tags:

git config --global diff.tool araxis
git config --global mergetool.tool araxis
git config --global mergetool.araxis.path "d:/Program Files/Araxis/Araxis Merge/Compare.exe"
 
git config --global diff.tool bc
git config --global mergetool.tool bc
git config --global mergetool.bc.path "d:/program files/beyond compare 4/bcomp.exe"
 
;[diff]
;    tool = bc
;[difftool "bc"]
;    path = d:/program files/beyond compare 4/bcomp.exe
;[merge]
;    tool = bc
;[mergetool "bc"]
;    path = d:/program files/beyond compare 4/bcomp.exe
[diff]
tool = araxis
[difftool "araxis"]
    prompt = false
    path = d:/Program Files/Araxis/Araxis Merge/Compare.exe
[merge]
tool = araxis
[mergetool "araxis"]
path = d:/Program Files/Araxis/Araxis Merge/Compare.exe
[mergetool]
    prompt = false
tool = araxis

 

搭建环境遇到的一系列问题

2017年9月07日 11:32 | Comments(0) | Category:Other | Tags:

Jenkins修改语言和系统时间

Jenkins安装Local Plugin插件,然后在系统设置中设置默认语言为zh_CN

实际使用中IE可以根据浏览器语言自动显示,但Chrome设置了中文还是显示英文,只有修改系统默认语言解决了

Docker运行Jenkins需要修改

/etc/localtime -> /usr/share/zoneinfo/PRC

/etc/timezone:Asia/Shanghai

显示当地时间,否则显示UTC时间

 

LDAP服务地址

ldap默认端口是389,ldaps则用的是636

Powershell操作IE实现网站登录

2017年8月16日 09:15 | Comments(0) | Category:Other | Tags:

虽然curl也可以实现,但由于网站有cookies,偶尔会失败,所以研究了用Powershell控制IE模拟人操作实现网站登录认证

$url = "http://web.com/login.html" 
$username="username"
$password="password"
$ie = new-object -com "InternetExplorer.ApplicationMedium"
$ie.visible=$false
$ie.navigate("$url")
while($ie.ReadyState -ne 4) {start-sleep -m 100}
$ie.Document.IHTMLDocument3_getElementById("account").value = $username
$ie.Document.IHTMLDocument3_getElementById("acc_pass").value = $password
$ie.Document.IHTMLDocument3_getElementById("account_login_checkbox").checked=$true
$ie.Document.IHTMLDocument3_getElementById("account_login_btn").click()
start-sleep -m 1000
$ie.Quit()
[System.Runtime.Interopservices.Marshal]::ReleaseComObject($ie)
Remove-Variable ie

while($ie.ReadyState -ne 4) {start-sleep -m 100} 这句是控制等待IE载入页面

如果缺少这三行,会导致对象没有完全清理,再次运行脚本会报错计划关机已设置无法创建对象
$ie.Quit()
[System.Runtime.Interopservices.Marshal]::ReleaseComObject($ie)
Remove-Variable ie

由于Windows 11下powershell通过ID获取网页元素存在问题,通过$ie = new-object -com "InternetExplorer.ApplicationMedium"可以解决,但首先要在注册表新增默认值

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\InternetExplorer.ApplicationMedium]

[HKEY_CLASSES_ROOT\InternetExplorer.ApplicationMedium\CLSID] 
@="{D5E8041D-920F-45e9-B8FB-B1DEB82C6E5E}"
 
并且只能通过$ie.Document.IHTMLDocument3_getElementById()这种方式获取页面元素
另外需要在兼容性视图设置中取消两个复选框。
 

NPM配置全局安装目录及使用淘宝源

2017年6月27日 08:56 | Comments(0) | Category:Other | Tags:

找到npm_modules/npm/npmrc

修改如下即可:
prefix = D:\nodejs\node_global
cache = D:\nodejs\node_global
registry=https://registry.npm.taobao.org

Fiddler导出为curl命令格式

2017年5月27日 11:19 | Comments(0) | Category:Other | Tags:

https://textslashplain.com/2015/12/30/whats-new-in-fiddler-4-6-2/

 

添加自定义rules,添加一个copy as Curl即可

不过如果用到了cookies则需要把cookies修改为参数形式 --cookies "name=yes;parm=1"

用Docker安装Wekan

2017年5月16日 15:51 | Comments(0) | Category:Other | Tags:

1. 安装Docker和docker-compose

2.新建wekan用户useradd -d /home/wekan -m -s /bin/bash 

3.加入wekan组usermod -aG docker wekan

4.新建~wekan/docker-compose.yml文件
wekandb:
  image: mongo
  restart: always
  volumes:
    - /home/wekan/data:/data/db

wekan:
  image: mquandalle/wekan
  restart: always
  links:
    - wekandb:db
  ports:
    - 8080:80
  environment:
    - MONGO_URL=mongodb://db
    - ROOT_URL=http://hostname/wekan

5.用docker命令导入image后启动容器

docker run -d --name wekan-db mongo
docker run -d --link "wekan-db:db" -e "MONGO_URL=mongodb://db" \
  -e "ROOT_URL=http://example.com" -p 8080:80 mquandalle/wekan
 
6.停止容器后用docker-compose启动测试是否正常
docker-compose up
 
7.最后docker-compose start部署

 

vsftpd配置防火墙规则

2017年5月09日 10:57 | Comments(0) | Category:Other | Tags:

firewall-cmd --zone=public --permanent --add-port=21/tcp

firewall-cmd --zone=public --permanent --add-service=ftp

firewall-cmd --reload

CentOS或者Redhat安装shadowsocks客户端

2017年5月08日 16:30 | Comments(0) | Category:Other | Tags:

http://www.infocool.net/kb/Other/201702/295623.html

参考链接即可

不过需要设置开机启动

新建启动脚本文件/etc/systemd/system/shadowsocks.service

[Unit]

Description=Shadowsocks
 
[Service]
TimeoutStartSec=0
ExecStart=/usr/bin/sslocal -c /etc/shadowsocks.json
 
[Install]
WantedBy=multi-user.target
 
$ systemctl enable shadowsocks
$ systemctl start shadowsocks

Redhat下用docker安装易度

2017年5月05日 11:41 | Comments(0) | Category:Other | Tags:

下载已有的yum包
rpm -qa | grep yum | xargs rpm -e --nodeps
rpm -qa | grep python-iniparse | xargs rpm -e --nodeps
rpm -qa | grep python-urlgrabber | xargs rpm -e --nodeps
 
安装yum
wget http://mirrors.163.com/centos/7/os/x86_64/Packages/python-iniparse-0.4-9.el7.noarch.rpm
wget http://mirrors.163.com/centos/7/os/x86_64/Packages/yum-3.4.3-150.el7.centos.noarch.rpm
wget http://mirrors.163.com/centos/7/os/x86_64/Packages/yum-metadata-parser-1.1.4-10.el7.x86_64.rpm
wget http://mirrors.163.com/centos/7/os/x86_64/Packages/yum-plugin-fastestmirror-1.1.31-40.el7.noarch.rpm
wget http://mirrors.163.com/centos/7/os/x86_64/Packages/python-urlgrabber-3.10-8.el7.noarch.rpm
rpm -ivh *.rpm
 
添加CentOS源
wget http://mirrors.163.com/.help/CentOS7-Base-163.repo
export releasever="7"
export basearch="x86_64"
 
yum clean all
yum makecache
 
安装易度
ExecStart=/usr/bin/docker daemon -H fd:// --insecure-registry docker.easydo.cn:5000
docker run --privileged --rm=true --net=host --name=upgrade_host -e ETCD_PORT_4001_TCP=tcp://172.17.42.1:4001 -e SERVICE_ID=edodocs -e EDO_OPERATOR=0 -v /root/:/var/edo/console/host_root_home/ -v /etc/systemd/:/etc/systemd/ -v /var/docker_files/:/var/docker_files/ -v /var/docker_backup/:/var/docker_backup/ -v /var/docker_data/:/var/docker_data/ docker.easydo.cn:5000/console upgrade docker.easydo.cn:5000 x-release all
 
中途可以重新启动和暂停
docker start  `docker ps -q -l` # restart it in the background
docker attach `docker ps -q -l` # reattach the terminal & stdin
docker pause d2e42201fab9
 

Pentaho配置Active Directory验证

2017年3月22日 17:21 | Comments(0) | Category:Other | Tags:

Pentaho 7.0使用AD作为LDAP服务器,不支持OU中包含中文字符

 

URL填ldap://hostname:port即可,如果是389端口则可以省略

验证的账户则必须是完整的DN,比如CN=bind,ou=pentaho,dc=adnet,dc=com

其他的参考bigdatafan.blogspot.jp/2016/08/pentaho-ba-server-with-active-directory.html

 

SpagoBI集成LDAP访问

2017年3月20日 16:36 | Comments(0) | Category:Other | Tags:

SpagoBI 5.2集成AD访问

官方手册是在太老了, 花了一天时间才搞定

1. 仍然是修改三个参数

SPAGOBI.SECURITY.PORTAL-SECURITY-CLASS.className=it.eng.spagobi.security.LdapSecurityProviderImpl 
SPAGOBI.SECURITY.USER-PROFILE-FACTORY-CLASS.className=it.eng.spagobi.security.LdapUserProfileFactoryImpl 
SPAGOBI.SECURITY.PORTAL-SECURITY-INIT-CLASS.className=it.eng.spagobi.security.init.LdapSecurityProviderInit

2. ldap_authirizations.xml

 

<?xml version="1.0" encoding="UTF-8"?> 
<LDAP_AUTHORIZATIONS default="FALSE"> 
<CONFIG> 

<!-- SERVER --> 
<HOST>10.16.10.98</HOST> 
<PORT>389</PORT> 
<ADMIN_USER>ldapadmin@tfsad.com</ADMIN_USER> <!-- THIS IS KEY --> 
<ADMIN_PSW>password</ADMIN_PSW> <!-- password in clear text --> 
<BASE_DN>DC=tfsad,DC=com</BASE_DN> <!-- base domain, if any --> 

<!-- USERS --> 
<USER_SEARCH_PATH>ou=XXX</USER_SEARCH_PATH> <!-- SpagoBI will look for users under this node - Our user OU is STAFF --> 
<USER_OBJECT_CLASS>user</USER_OBJECT_CLASS> <!-- class for users' objects --> 
<USER_ID_ATTRIBUTE_NAME>sAMAccountName</USER_ID_ATTRIBUTE_NAME> <!-- name of the attribute containing the user identifier --> 
<USER_NAME_ATTRIBUTE_NAME>name</USER_NAME_ATTRIBUTE_NAME> <!-- name of the attribute(*) containing the user name --> 
<SUPER_ADMIN_ATTRIBUTE_NAME>superAdmin</SUPER_ADMIN_ATTRIBUTE_NAME> <!-- name of the attribute(*) containing the super admin flag --> 
<!-- (*) SPAGOBI attribute, not LDAP attribute!!! It must match the "name" attribute of one USER_ATTRIBUTE tag below --> 
<USER_MEMBEROF_ATTRIBUTE_NAME>memberOf</USER_MEMBEROF_ATTRIBUTE_NAME> <!-- this attribute has to contain the list of groups the user belongs to --> 

<!-- list of the users' attributes to be loaded when querying the LDAP --> 
<USER_ATTRIBUTE name="id">sAMAccountName</USER_ATTRIBUTE> <!-- LDAP attribute to be considered as SpagoBI attribute --> 
<USER_ATTRIBUTE name="name">name</USER_ATTRIBUTE> 
<USER_ATTRIBUTE name="mail">mail</USER_ATTRIBUTE> 
<USER_ATTRIBUTE name="memberOf">memberOf</USER_ATTRIBUTE> 
<USER_ATTRIBUTE name="superAdmin">superAdmin</USER_ATTRIBUTE> --> 

<!-- GROUPS --> 
<GROUP_SEARCH_PATH>OU=XXX</GROUP_SEARCH_PATH> <!-- SpagoBI will look for groups under this node --> 
<GROUP_OBJECT_CLASS>group</GROUP_OBJECT_CLASS> <!-- class for groups' objects --> 
<GROUP_ID_ATTRIBUTE_NAME>cn</GROUP_ID_ATTRIBUTE_NAME> <!-- the attribute containing the name of the group --> 

<!-- list of the users' attributes to be loaded when querying the LDAP --> 
<!-- <GROUP_ATTRIBUTE>ou</GROUP_ATTRIBUTE> --> 
<GROUP_ATTRIBUTE>cn</GROUP_ATTRIBUTE> 

<ACCESS_GROUP_NAME></ACCESS_GROUP_NAME> <!-- Access group name: if specified, users must belong to this group in order to enter SpagoBI --> 
<GROUP_MEMBERS_ATTRIBUTE_NAME></GROUP_MEMBERS_ATTRIBUTE_NAME> <!-- this attribute has to contain the list of users belonging to this group, in case the ACCESS_GROUP_NAME is specified --> 

</CONFIG> 
</LDAP_AUTHORIZATIONS> 

注意密码是明文,而不是加密过的

3. AD中添加superAdmin自定义属性

添加时需要具有Enterprise Admin和Schema Admin组的权限,另外需要在注册表中确认Update Schema Allowded是否设置为1

添加后需要重启AD服务,参考http://www.morgantechspace.com/2013/08/how-to-create-custom-attribute-in.html

4. 添加角色映射

参考https://www.spagoworld.org/jforum/posts/list/3600.page

 


修改DLL

2017年2月17日 14:54 | Comments(0) | Category:Other | Tags:

ildasm转储为IL文件,修改IL后用ilasm.exe /dll/resource=Web.res Web.il编译为DLL

 

也可以用.Net Reflector或者ILSpy配合Reflexil

测试AD用户密码

2016年11月24日 12:37 | Comments(0) | Category:Other | Tags:

<#
.Synopsis
Verify Active Directory credentials
 
.DESCRIPTION
This function takes a user name and a password as input and will verify if the combination is correct. The function returns a boolean based on the result.
 
.NOTES   
Name: Test-ADCredential
Author: Jaap Brasser
Version: 1.0
DateUpdated: 2013-05-10
 
.PARAMETER UserName
The samaccountname of the Active Directory user account
 
.PARAMETER Password
The password of the Active Directory user account
 
.EXAMPLE
Test-ADCredential -username jaapbrasser -password Secret01
 
Description:
Verifies if the username and password provided are correct, returning either true or false based on the result
#>
function Test-ADCredential {
    [CmdletBinding()]
    Param
    (
        [string]$UserName,
        [string]$Password
    )
    if (!($UserName) -or !($Password)) {
        Write-Warning 'Test-ADCredential: Please specify both user name and password'
    } else {
        Add-Type -AssemblyName System.DirectoryServices.AccountManagement
        $DS = New-Object System.DirectoryServices.AccountManagement.PrincipalContext('domain')
        $DS.ValidateCredentials($UserName, $Password)
    }
}
Test-ADCredential "username" "defaultpass"

SSH登录Windows的Linux子系统

2016年8月18日 23:27 | Comments(0) | Category:Other | Tags:

Windows 10带来了Ubuntu Linux子系统但是缺少好的终端支持直接登录,只有用ssh客户端曲线登录本机了

 

1.安装:cmd下执行lxrun /install

2.重新安装openssh-server: sudo apt-get remove openssh-server
                 sudo apt-get install openssh-server
 
apt-get的源可以修改为用国内的,比如163或者aliyun
deb http://mirrors.aliyun.com/ubuntu/ trusty main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ trusty-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ trusty-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ trusty-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ trusty-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ trusty main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ trusty-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ trusty-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ trusty-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ trusty-backports main restricted universe multiverse
 
安装过程会遇到很多错误,如果遇到Unable To Connect To Upstart,则执行:
dpkg-divert --local --rename --add /sbin/initctl
ln -s /bin/true /sbin/initctl
 

遇到invoke-rc.d: policy-rc.d denied execution of start则修改/usr/sbin/policy-rc.d为exit 0

3.重启sshd sudo service ssh --full-restart

 Windows 10自带了ssh服务可能会占用22端口,所以需要停用两个服务

另外遇到upstart的问题可以用如下命令

apt-get remove upstart
apt-get remove udev
apt-get autoremove
然后重新安装upstart
 
最后cmd下设置默认用户:lxrun /setdefaultuser root
 
4.设置ssh免密码登录:ssh-keygen -t rsa
由于都是同一host的一个用户 直接将id_rsa.pub重定向到authorized_keys即可
 
这样就 可以尽情在Windows下用 Linux开发 工具了

AD 账户批量操作

2016年7月15日 17:52 | Comments(0) | Category:Other | Tags:

移动
dsmove "CN=username,OU=ouname,DC=domain,DC=Com" -newparent "OU=ouname,DC=domain,DC=Com"
 
重命名CN
dsmove "CN=username,OU=ouname,DC=tfsad,DC=com" -newname "newname"
 
组添加成员
dsmod group "CN=group,OU=ouname,DC=domain,DC=com" -addmbr "CN=username,OU=ouname,DC=domain,DC=Com"
 
获取组成员
dsget group "CN=group,OU=ouname,DC=domain,DC=com" -members
 
循环处理
for /f "Tokens=*" %s in ('dsquery user "OU=ouname, DC=domain, DC=com" -disabled -limit 0') do DSMOVE %s -newparent "ou=Disabled,dc=domain,dc=com"
 
For /F "delims=*" %%w IN ('dsquery user -desc Archived* "OU=Data Has Been Archived,OU=Base,OU=Staff,OU=Accounts - Archive,DC=Home,DC=co,DC=uk"') DO (
      For /F "delims=*" %%g IN ('dsget user %%w -memberof -expand') DO (
            dsmod group %%g -rmmbr %%w
      )
)
 
使用PS
    Set-ADUser $user -SamAccountName ("{0}" -f "newsam") -UserPrincipalName ("{0}@{1}" -f "upn","domain.com") 
    Rename-ADObject -Identity "CN=oldcn,OU=ou,DC=domain,DC=Com" -NewName "newcn"

 

用PowerShell配合CSV文件批量操作:

批量修改登录名称

$UserList=IMPORT-CSV C:\Users\ricky\Desktop\user.csv
FOREACH ($Person in $UserList) {
   $CurrentName=$Person.ADCN
   $NewName=$Person.EmployeeID
   $UPN     ="$NewName@domain.com"
   Get-ADUser -Identity $CurrentName | Set-ADUser -SamAccountName $NewName -UserPrincipalName $UPN 
   Rename-ADObject -Identity "CN=$CurrentName,OU=ou,OU=ou,DC=domain,DC=Com" -NewName $NewName
}
 
批量修改用户信息
$UserList=IMPORT-CSV C:\Users\ricky\Desktop\user.csv
FOREACH ($Person in $UserList) {
   $ADCN = $Person.ADCN
   $Name = $Person.Name
   $SurName = $Person.Name.Substring(0,1)
   $GivenName = $Person.Name.Substring(1)
   $DisplayName = $Person.Name
   $Department = $Person.DepartmentNo+"-"+$Person.Department
   $Company = $Person.Company
   $Description = $Person.Role
   $Title = $Person.Title
   Get-ADUser -Identity $ADCN | Set-ADUser -GivenName $GivenName -SurName $SurName -DisplayName $DisplayName -Department $Department -Company $Company -Description $Description -Title $Title -EmployeeID $ADCN -EmployeeNumber $ADCN
}
 
批量添加用户到组
$UserList=IMPORT-CSV C:\Users\ricky\Desktop\user.csv
FOREACH ($Person in $UserList) {
   $ACNO = $Person.ACNO
   $UPN = $Person.ACNO+"@domain.com"
   $Name = $Person.ACNO
   $surName = $Person.Name.Substring(0,1)
   $givenName = $Person.Name.Substring(1)
   $Department = $Person.DepartmentNo+"-"+$Person.Department
   $Email = $Person.Email
   $Tel = $Person.Tel
   $Mobile = $Person.Mobile
   $Path = "OU=ou,DC=domain,DC=com"
   New-ADUser -Name $Name -givenname $givenName -surname $surName -userprincipalname $UPN -Department $Department -DisplayName $Name -EmailAddress $Email -EmployeeID $ACNO -EmployeeNumber $ACNO -Enabled $true -AccountPassword (ConvertTo-SecureString "zaq12wsX" -AsPlainText -Force) -MobilePhone $Mobile -OfficePhone $Tel -Path $Path -SamAccountName $ACNO
}
 
删除:
Remove-ADUser -Identity id -Confirm:$false
 
获取上次登录时间:
Import-Module ActiveDirectory
$adusers = Get-ADUser -filter * -SearchBase "OU=BeforeADProject,OU=ACA Users,DC=***,DC=*****,DC=***" -Properties SamAccountName | select -expand SamAccountName
 
function Get-ADUserLastLogon([string]$userName)
{
  $dcs = Get-ADDomainController -Filter {Name -like "*"}
  $time = 0
  foreach($dc in $dcs)
  { 
    $hostname = $dc.HostName
    $user = Get-ADUser $userName | Get-ADObject -Properties lastLogon 
    if($user.LastLogon -gt $time) 
    {
      $time = $user.LastLogon
    }
  }
  $dt = [DateTime]::FromFileTime($time)
  Write-host $username "last logged on at:" $dt }
 
 
$output = foreach ($aduser in $adusers){
    Get-ADUserLastLogon -UserName $aduser
}
 
$UserList=IMPORT-CSV C:\Users\ricky\Desktop\user.csv
FOREACH ($Person in $UserList) {
   $ADCN = $Person.ADCN
   $IsEmployee = $Person.IsEmployee
   if ($IsEmployee -eq "FE")
   {
       Add-ADGroupMember -Identity GroupName -Members $ADCN
   }
}
 

移动:

Move-ADObject -Identity "OU=ManagedGroups,DC=Fabrikam,DC=Com" -TargetPath "OU=Managed,DC=Fabrikam,DC=Com"